DaniWeb IT Discussion Community

DaniWeb IT Discussion Community - Network Security http://www.daniweb.com/forums/ en-US Sun, 08 Nov 2009 06:21:47 GMT vBulletin 60 http://www.daniweb.com/alphaimages/misc/rss.jpg DaniWeb IT Discussion Community - Network Security http://www.daniweb.com/forums/ News Story Google Tries Transparency with New Dashboard http://www.daniweb.com/news/story236389.html Thu, 05 Nov 2009 21:35:48 GMT "If we went into an “evil room” and had an “evil light” shined on us, and we then behaved in an “evil” way we would be destroyed… there is a fundamental trust between Google and its users.”
~Eric Schmidt, Google CEO

Google released an exciting new product today called the Dashboard. I don't usually call Google products exciting because it makes me sound like I'm writing their marketing literature, but the Dashboard provides a way to see an overview of all your activity across every Google product you use. And if you're like me, that's a lot. Instead of guessing what information Google has, you can now see it all in one convenient place.

Getting To The Dashboard

Accessing the dashboard is a simple matter. Follow these steps:

Go to Google.com.
Click Settings > Google Account Settings and your account page opens.
At the top of the page in the right column labeled Personal Settings, click View Data Stored with Account (next to the Dashboard label). The Google Accounts page opens with all of the information across each of your Google accounts.

Why It's Great

I always loved that quote at the top of this post from Google CEO, Eric Schmidt above. It suggests that for some reason we should just trust Google with our data. It's an absurd notion of course, and even more so in that ridiculous quote, but Google Dashboard is a good first step. It gives users a one-stop shop to see all of their data and settings.

As individuals interested in accessing and understanding data, this is a huge step forward. For businesses, it's even more important, especially from a regulatory and compliance point of view. It gives everyone, big or small, access to their data in a simple fashion, which is as it should be.

Google's Free Tools Are Attractive and Scary

When I saw Marissa Mayer's presentation recently on the Google's new social search, one thing jumped out at me. You have to give Google information about your social networks in order for the search engine to display social search results. This seemed like a huge thing to ask users, and it goes directly to the heart of the problem many people have with Google. Yes, the tools are wonderful and free and available wherever you go, but any thinking person has to wonder about the portfolio of information that Google has on each of us -- our mail, our search history, what we read and the pictures we take, the videos we watch and the ones we add, and on and on it goes. And the social search would mean Google would have access to our friends too (whom we associate with).

All of this is a bit scary, so you'll have to pardon me if I don't trust Eric Schmidt's assertion that they won't ever step into that "evil room." But for starters, the Dashboard at least gives us insight into what information that Google has on us its databases, and gives us the opportunity to change our privacy settings and to delete services we don't want anymore. It may not be a panacea for paranoia, but it's a start, and I'll take it. ]]> Network Security Techwriter10 http://www.daniweb.com/forums/thread236389.html News Story Leslie Stahl Needs To Get a Clue About P2P http://www.daniweb.com/news/story235660.html Tue, 03 Nov 2009 13:16:36 GMT Attachment 12439 (http://www.daniweb.com/forums/attachment.php?attachmentid=12439) Leslie Stahl had a piece Sunday night on 60 minutes on the supposed impact of piracy on the movie industry. (You can watch it here... Attachment 12439
Leslie Stahl had a piece Sunday night on 60 minutes on the supposed impact of piracy on the movie industry. (You can watch it here.) Her piece was so slanted toward the Motion Picture Association of America, it was almost laughable (if it weren't so maddening).

At one point, Stahl explained P2P networking using Bit Torrent in a way that made it sound like it was used exclusively for movie pirates and that it was the brand new gee-wizz technology--neither of which is true. In fact, many mainstream media companies are using P2P technology to deliver their content, and have been for years, because it's cheap and efficient.

BitTorrent is Mainstream, Baby

BitTorrent, the software that Stahl shows off in the piece was developed by Bram Cohen, who is Chief Scientist and company co-founder of BitTorrent, the company. His company, the one if you listen to Stahl's piece is responsible for moving pirated content around the internet, has many media companies as its clients.

According to its web site, clients include Fox, MTV, Warner Brothers, Lions Gate and Paramount. If the movie industry is so worried about piracy on BitTorrent, it certainly has no problem using its 100+ million client network to distribute content.

The MPAA flacks interviewed in the piece who suggest that pirates are stealing their profits neglect to say MPAA members are using the same technology the piece was demonizing.

Understanding P2P

P2P (or peer to peer) networking is nothing more than a technology for distributing content across a network of peer computers, taking advantage of the computing power of each one. Like any technology it can be used for good or ill, depending on who is using it. I published an article for StreamingMedia.com back in July, 2007 about the mainstreaming of P2P. As I wrote at the time, quoting Monty Mullig, who was was SVP of digital media technologies at Turner Broadcasting System Inc.:

Quote:

“I would say that P2P as a technology, per se, hasn’t been the problem for content and copyright owners. It’s been the use and the way some services that are based on P2P technology have been deployed. There are plenty of ways to use P2P distribution that don’t infringe on the interests of copyright holders,” Mullig says.

Imagine that. There are ways to use the technology that don't infringe on copyright owners. You would never know that from the piece broadcast on Sunday night.

Stahl Unbalanced

Stahl's piece was flawed in so many ways, but she seemed to mix the up idea of pirates creating physical copies and selling them for money with those who were distributing movies for free over the internet. Meanwhile, she failed to acknowledge (while never even naming by name) that P2P technology has legitimate content distribution uses. Further, she had spokespeople from the MPAA and director Steven Soderbergh, but never saw the simple contradiction between the MPAA's position in this piece and the fact their members are partners with BitTorrent.

My fellow-DaniWeb blogger Davey Winder wrote the other day in a post, Hold the Front Page: Piracy is Not Killing the Music Business, a recent study found that people who downloaded music tracks illegally actually spent more on music than people who didn't. Winder suggests that it's not piracy that's the problem at all, but a failure to understand the way content is distributed in 2009.

He's spot on of course, and the same lesson applies to the MPAA. It's time for them to stop demonizing software and trying to tie piracy to organized crime and figure out ways to use the technology to sell and distribute their content. 60 Minutes has a long reputation for hard-hitting investigative pieces, but this piece did it a disservice. At least try to get a dissenting opinion next time. Wouldn't have been that hard to find.

Photo by hellochris on Flickr. Used under Creative Commons License.

Attached Images

moviereel.jpg (149.3 KB)

]]> Network Security Techwriter10 http://www.daniweb.com/forums/thread235660.html I T security http://www.daniweb.com/forums/thread235453.html Mon, 02 Nov 2009 19:46:05 GMT Hello, I just finished my degree in engineering but I want develop myself in IT security, i just finished my ccna training and I need advice on how can do this and i also need a mentor in security. thanks Hello, I just finished my degree in engineering but I want develop myself in IT security, i just finished my ccna training and I need advice on how can do this and i also need a mentor in security. thanks ]]> Network Security judeofgod http://www.daniweb.com/forums/thread235453.html IP Address From Email http://www.daniweb.com/forums/thread235392.html Mon, 02 Nov 2009 15:32:24 GMT hi Folks, anybody knows if it is possible I could find out the source Ip Address of sender from the email I received?any idea? any software? cheers ex) I received an email from a friend,but to authenticate that he is the real guy who I expected to have email from him. hi Folks,

anybody knows if it is possible I could find out the source Ip Address of sender from the email I received?any idea? any software?

cheers

ex) I received an email from a friend,but to authenticate that he is the real guy who I expected to have email from him. ]]> Network Security Relentless http://www.daniweb.com/forums/thread235392.html Setting a password on shared folders http://www.daniweb.com/forums/thread234420.html Thu, 29 Oct 2009 12:15:25 GMT Hi, I am quite new to the world of computers and am looking for some advice. I have a Server which is networked to 5 other machines. On this server we have private databases etc and i would like to password specific folders or indeed the whole hard drive of the server so only the said... Hi,

I am quite new to the world of computers and am looking for some advice.

I have a Server which is networked to 5 other machines. On this server we have private databases etc and i would like to password specific folders or indeed the whole hard drive of the server so only the said machines can access the server.

I don't have a clue where to start.

Any help would be greatly appreciated.

many thanks
Oli ]]> Network Security otak123 http://www.daniweb.com/forums/thread234420.html Network files deletion http://www.daniweb.com/forums/thread233165.html Sun, 25 Oct 2009 14:04:50 GMT I am finding for a freeware which can be used for removing the files which are deleted from the network so that they are deleted permanently in my network but the files on they are not recovered back again using any software. I want guaranteed permanant deletion of these files. As of now the files... I am finding for a freeware which can be used for removing the files which are deleted from the network so that they are deleted permanently in my network but the files on they are not recovered back again using any software. I want guaranteed permanant deletion of these files. As of now the files on the local PC. Please suggest me some software for the same. I will be really very greatful to you for helping me in this. Waiting for your response... ]]> Network Security Rati A http://www.daniweb.com/forums/thread233165.html keeping password just in cookies, not in servers. http://www.daniweb.com/forums/thread232505.html Fri, 23 Oct 2009 05:41:22 GMT Hi,
Suppose a site doesn't store passwords on its server.
When the user creates a new account, his password is hashed together with his username and stored in a cookie insider his Web browser. When he comes to the site again and types in his username and password, the server hashes them pulls the cookie from the user’s browser and checks if the computed hash is equal to the hash
stored in the cookie. If they match, access is granted.
Can another person log into his account just be knowing the username i.e the victim's computer is offline and inaccessible( cannot be eavesdropped) ]]> Network Security byehye87 http://www.daniweb.com/forums/thread232505.html code to get WAN/external IP in java http://www.daniweb.com/forums/thread232391.html Thu, 22 Oct 2009 19:06:19 GMT hi all, i am in an urgent requirement of getting the WAN ip of the visitors of my website through java. using getRemoteHost() gives me the lan ip. please respond hi all,

i am in an urgent requirement of getting the WAN ip of the visitors of my website through java. using getRemoteHost() gives me the lan ip. please respond ]]> Network Security trojanGirl http://www.daniweb.com/forums/thread232391.html Access violation http://www.daniweb.com/forums/thread232058.html Wed, 21 Oct 2009 19:24:26 GMT Hi I am a completely novice and need some help I keep getting a message LINKSYS WIRELSS NETWORK MONITOR ACCESS VIOLATION AT ADDRESS 24103531 READ OF ADDRESS Hi

I am a completely novice and need some help

I keep getting a message

LINKSYS WIRELSS NETWORK MONITOR

ACCESS VIOLATION AT ADDRESS 24103531 READ OF ADDRESS

Can anyone tell me what this means and how do I resolve it?

Thanks in advance

Mark ]]> Network Security markym http://www.daniweb.com/forums/thread232058.html Security Project Ideas http://www.daniweb.com/forums/thread231792.html Tue, 20 Oct 2009 23:35:18 GMT Hi all,
I'm looking for some ideas for a masters project in network security or networking.

I wanted to do something on botnets as im very interested in them but am having problems understanding what i could achieve by doing a project on that.

I'd really appreciate some ideas..

Thanks :) ]]> Network Security UnknownUser http://www.daniweb.com/forums/thread231792.html News Story Warning: Trojans Hiding In Facebook Apps http://www.daniweb.com/news/story231627.html Tue, 20 Oct 2009 11:01:33 GMT It's not just phishing scams that Facebook users have to worry about right now,

According to Roger Thompson, the Chief Research Officer with security vendor AVG, hacked Facebook applications are increasingly reaching out to exploit sites based in Russia. As Thompson says, this is different to the normal run of things whereby people are linking to hacked pages innocently enough on social networking sites. "These seem to be actual Facebook applications that have been hacked" Thompson points out, adding that the application developers are "innocent victims too".

AVG researchers first spotted the trend when a fire-fighter simulation game which it assumed was a developer hack, pointing to a Russian site where a scareware scam was being peddled. But when they looked closer, they discovered in the source code for the web pages an injected iframe that did the damage.

What is not obvious at the moment is just where the holes are in the infected Facebook apps which are letting the bad guys inject their code, but Thompson is as sure as he can be that the app developers are just as much victims as anyone else in these matters. So far AVG has uncovered at least 8 Facebook apps which have been compromised, and the full details can be found here along with screenshots of one exploited app and the exploit sites it reaches out to.

Maybe it is time to rethink the way that Facebook approaches app development and reconsider adopting the Apple approach to app security? ]]> Network Security newsguy http://www.daniweb.com/forums/thread231627.html <![CDATA[News Story "I've Been Mugged! Send Money!"]]> http://www.daniweb.com/news/story231517.html Tue, 20 Oct 2009 00:40:16 GMT The other day I was on Facebook and a chat window popped up from a college friend of mine.

Bob: Hey there. How are u doing?
Sharon: ok. you?
Bob: Am not too good. Im in some kind of deep mess right now
Sharon: uh oh. what happened?

What "Bob" didn't know was that I was already suspicious of him by then.

Bob: Im stranded in London. I got mugged at a gun point last night!

Sure you did, "Bob."

This is a classic example of the "I've been mugged!" scam that's been going around Facebook chat. A friend starts a chat, tells how they've been mugged in some world city, and begs you to use Western Union to wire them some money.

(Poor Western Union. Does anyone use them for anything legitimate any more?)

Not to mention -- robbed at gunpoint? In England? Are you kidding?

But I played along.

Sharon: oh no!
Bob: All cash,credit card and phone was stolen!
Sharon: that's terrible!
Bob: Thank God i still have my life and passport
Sharon: yes, for sure
Bob: I need your urgent help Sharon!
Sharon: how can I help?

Then I waited for "the touch." Sadly, there were no more messages, and four minutes later "Bob" had signed off.

I got into email to contact "Bob" and let him know what was going on, only to find email from him in my mailbox, warning that he thought his account had been hacked and to ignore any chat messages from him.

What tipped me off is that I'd read articles about this method. But what tipped Bob -- the real one -- off?

"They tried to change my contact email address," Bob said. "FB sent a notice asking me to confirm the change. I had not initiated said change, so I knew something was up."

(Notice, too, the sorts of word choices and spelling the real Bob uses, compared to the fake one.)

What should you do if you're on the receiving end of one of these scams? Experts suggest that you try to confirm some piece of information that only the real person would know, such as the last time you saw each other or the names of their children or pets. And, of course, try to contact the real person to see if they're actually in London or wherever.

Obviously, also, pay attention if you get an unexpected message trying to change your email address. Bob took the additional step of emailing his friends, plus posting a message with his real location so people would be suspicious if they then heard he was in London.

Sadly, many of these scams are perpetrated outside the U.S., so it's tough to nail them. ]]> Network Security slfisher http://www.daniweb.com/forums/thread231517.html News Story People still fall for scareware? http://www.daniweb.com/news/story231449.html Mon, 19 Oct 2009 17:52:38 GMT Symantec has published one of those rare things - a report that contains an actual surprise. It seems some 4 million people have fallen for Scareware in the last 12 months.

I'm stunned.

Not because people are installing fake antivirus systems. That's a shame but in some ways it's inevitable; people on their own will fall for scams. No, what alarms me is that the IT community (and if we include journalists and bloggers that's all of us) are doing so little to dissuade them.

It wouldn't take much. An email sent to all remote workers reminding them that not only should they not install pirated software onto their systems, not only is clicking a link in an email from someone they don't know and filling bank details in after that a really, really bad idea, but if someone approaches you with AV software it's probably fake. Coming from someone they trust, like an employer, it could transform the way scams succeed on the Internet.

Now if you'll excuse me I have a mail telling me my ISP is going to close my account if I don't log on and confirm all of my passwords... ]]> Network Security GuyClapperton http://www.daniweb.com/forums/thread231449.html News Story Gary McKinnon wins extradition reprieve for psych review http://www.daniweb.com/news/story231374.html Mon, 19 Oct 2009 11:01:16 GMT Just when it looked like every avenue to prevent the extradition of self-confessed NASA Hacker Gary McKinnon had been exhausted, especially when just last week a couple of High Court judges denied him leave to appeal his case to the highest court in the UK, it looks like the hacking cause célèbre... Just when it looked like every avenue to prevent the extradition of self-confessed NASA Hacker Gary McKinnon had been exhausted, especially when just last week a couple of High Court judges denied him leave to appeal his case to the highest court in the UK, it looks like the hacking cause célèbre has got a reprieve.

In an unexpected twist, Home Secretary Alan Johnson has delayed the extradition proceedings while he considers the medical evidence. Diagnosed with Asperger's Syndrome, it has been argued by the Free Gary campaign that to send him to prison in the US would be the equivalent of signing his death warrant.

Certainly there seems to be a groundswell of opinion (both here and in the US) that were McKinnon tried in the UK he would most likely face a more lenient sentence. I myself have argued that he should face the music, as it were, in the UK rather than the US. I recently stated right here on DaniWeb that "I seriously doubt that McKinnon could get a fair trial in the US where he has already been branded a fugitive from justice (for merely going through the legal process of appealing against an extradition order, something to which he has every legal and moral right) and various government and military mouthpieces have made it quite clear that they think the book should be thrown at him and McKinnon should get 'what he deserves' which would appear to be 60 years in a supermax prison apparently".

However, I have also made it quite clear that I believe McKinnon should not be let off with a slap on the wrist. He has broken the law, he admits as much, and must face the consequences - Asperger's Syndrome or not. This has, let's face it, been dragged out long enough now. McKinnon was arrested way back in 2002 and the 43 year old needs to be prosecuted and tried in a court of law so that he, and everyone else, can move forward. ]]> Network Security happygeek http://www.daniweb.com/forums/thread231374.html i need help http://www.daniweb.com/forums/thread230890.html Sat, 17 Oct 2009 08:48:13 GMT hi i am shimaa iam in final year in engineering colleage my graduation project in network security so i need anew idea to enhance security performance............................... hi
i am shimaa iam in final year in engineering colleage my graduation project in network security so i need anew idea to enhance security performance............................... ]]> Network Security eng shimaa http://www.daniweb.com/forums/thread230890.html How to Set a WEP Key for a cisco 1200 series wireless access point. http://www.daniweb.com/forums/thread230281.html Thu, 15 Oct 2009 04:36:18 GMT Hi,

I would like to set key for my Cisco 1200 series Wireless Access point such that users can be able to connect to it after providing a it. When I select static WEP, I am told to enter 26 Hexadecimal characters and yet I would like to provide users with a key like "Cisco1200". How can I set this.

Thank you! ]]> Network Security kiel19 http://www.daniweb.com/forums/thread230281.html News Story A Black Eye for Cloud Computing http://www.daniweb.com/news/story229934.html Tue, 13 Oct 2009 20:27:36 GMT To put it mildly, it's been a bad week for cloud computing. First of all word got out that Microsoft, the keepers of the data for users of Sidekick phones completely hosed the data. I mean kaput, gone, vanished. See you later, bye. If you don't have a back up, you are pretty much screwed because the keepers of the data have committed the ultimate sin and lost it.

Meanwhile, the The Unofficial Apple Weblog reports that MobileMe might be having a data leak and letting people randomly see the contents of your address book. This is the kind of nightmare scenario that cloud computing naysayers always seem to bring up, but we quickly dismiss as not likely to happen. Well, it did happen and it happened twice in one week.

We're Not Talking an Outage Here

Last month, I made fun of they hysteria that developed when Gmail went down for a few hours in my post, The Day Gmail Stood Still: A Tale of Horror, but losing a service for a few hours is a minor annoyance. Losing your data? That's catastrophic and there is no sugar coating it. That these two cloud computing doomsday scenarios were perpetrated, not by some Mom and Pop cloud company, but by two of the largest computing organizations, Apple and Microsoft, makes the situation all that much worse.

Tough to Defend

As a fan of cloud computing, I tend to dismiss the control arguments I hear when people say they won't let their data out of their sight. The easiest argument here, which frankly is the one that vendors always seem to say, is that your data is probably safer with them than it is with you. After all they have fail-safe systems, back-ups of their back-ups and your data is safer with them because you won't be as thorough. What's more their reputation is on the line, right? If something like this happens, well their whole business model is basically up in smoke.

Apple and Microsoft Are Not Pure Cloud Vendors

If Google or Salesforce lost or leaked data in this fashion, it would be truly a monumental failure since this is what they do for a living. That it was Apple and Microsoft, is still horrible, but this is not their primary business model. They still sell other services, hardware, software and so forth. The cloud business is a sideline and maybe that's the problem.

As we navigate this new way of computing, let's not panic and throw the baby out with the bath water, but neither can we idly dismiss data backup and data leak concerns as the worries of control freaks. It's something we should all be concerned about. Something we should all be asking hard questions about and something we need to take much more seriously because next time, the data could be yours and it won't be so abstract. Remember it's ultimately your data and always make sure there is a way for you to back it up locally so that you have a copy too in case your vendor turns out to be someone incompetent, like say Apple or Microsoft. ]]> Network Security Techwriter10 http://www.daniweb.com/forums/thread229934.html Wifi cell phone, PC Torrent http://www.daniweb.com/forums/thread228366.html Wed, 07 Oct 2009 15:34:01 GMT Hello,

I am student of BSIT in BZ University Multan, Pakistan...

I've a question, Actually I don't have but a student in the class asked a question & Teacher Gave the Answer which is not acceptable by me... Just wanted to confirm ...

ok

Here is the scenario...
in the hostel of my university there is Wifi Implemented, Student is trying to use Torrent on his PC but he can't download any thing ... But when he connects his cell phone with the same wifi network and download torrent files in his cell phone he can download files ...

Question was that, why it is so that same network is allowing to access torrents on cell phone & not on PC ...

Here is the answer of teacher, which I 99% don't accept...
There might be GSM/GPRS network embedded in the wifi, that is allowing user to use torrent on mobile ...

Is that possible? How it is possible ? He is connecting to Wireless LAN, Not with GPRS ...

What I think is that there might only be firewall on PC...

Just wanted to clear ... ]]> Network Security wasiflaeeq http://www.daniweb.com/forums/thread228366.html The Book - Network security essentials http://www.daniweb.com/forums/thread227910.html Mon, 05 Oct 2009 23:39:01 GMT Hi!

I'm looking for the book Network security essentials 2nd or 3rd edition by William Stallings, I live in europe (EU) and can't find it anywhere. So I just wonder if you guys know a place where I can get it as an eBook (legal! Paperbacks too, if it's inside EU) or if there is an equal good or better book that you can recommend me to read instead/also.

Cheers! ]]> Network Security sci-kode http://www.daniweb.com/forums/thread227910.html News Story Hotmail security breach http://www.daniweb.com/news/story227827.html Mon, 05 Oct 2009 15:38:49 GMT Smaller businesses and people who use Hotmail as n email system or backup email system need to change their passwords - Microsoft has confirmed it's investigating a security breach.

It seems that in spite of the industrial strength security everybody of any size applies to these systems - and let's not single out Microsoft or be anti-anything here, nobody honest benefits from this sort of thing happening - reports are circulating stating that 10,000 email addresses and passwords have been taken.

You might want to change yours as a routine precaution. ]]> Network Security GuyClapperton http://www.daniweb.com/forums/thread227827.html Multi-firewall defense in depth http://www.daniweb.com/forums/thread227755.html Mon, 05 Oct 2009 10:44:28 GMT I have simple question which is regarding firewall deployment in defense in depth strategy.

I want to install multiple firewall on my network I want to know should all the firewall placed on different segment of the network be "all configured in fail close fashion". In this case would this create a single point of failure if all the devices were to fail at one time. Would it make your network inaccessible to the rest of the network.

Secondly, the other concern of using multiple layer firewall is the duplication of policies. In my experience even working with two or more firewall in one environment is enough to create a management nightmare. Is duplication an option which should be considered like a best practice approach or when you have consistent hardware environment (juniper , juniper , pix , pix etc).
With duplication you eliminate the degree of uncertainty of speculation or assumption of firewall at different layer would have a certain policy to block certain service/ port but in actuality its quiet the opposite where the service is not being stopped or disallowed by the firewall. Duplication would solve the problem but than as i said it again it has to do with interoperability among other issues. Can someone please like to comment on the scenario

thank you. ]]> Network Security latin http://www.daniweb.com/forums/thread227755.html regarding virus on network http://www.daniweb.com/forums/thread227675.html Mon, 05 Oct 2009 03:11:54 GMT

1. central virus solution

Is it possible to make a such solution for local Intranet on which more than 100 pcs are connected to avoid virus problem by any cd drive or pen drive , every time when any pc try to insert CD or pen drive it should confirm from Administrator's PC and admin PC will check it for virus and then it will allow to access it ??????????????//

central file sharing

Is it possible on local Intranet that no pc can share any thing without the permission of ADMINISTRATOr ?????// ]]> Network Security jto http://www.daniweb.com/forums/thread227675.html regarding Trouble with two network card http://www.daniweb.com/forums/thread227671.html Mon, 05 Oct 2009 02:47:49 GMT we have a intranet in office to share interent among all these computers i have installed one more lan card on my pc and connect a DSL modem on this for getting Internet and used proxy software to make it as a proxy sever on dhcp mode , one of my old onboard LAN card is having my intranet's IP but when my pc is connected on Intranet it is not getting internet but when i am disabling my own board lan card then interenet gets started . Please help me why this is happening and how i can make a proxy server?///
Please Please please ]]> Network Security jto http://www.daniweb.com/forums/thread227671.html How to hide my IP? http://www.daniweb.com/forums/thread227476.html Sat, 03 Oct 2009 18:53:01 GMT I want to hide my IP from my network so that no one in my network can trace the sites I visit. Is it possible? How can I do it? I want to hide my IP from my network so that no one in my network
can trace the sites I visit.
Is it possible?
How can I do it? ]]> Network Security virtualmisc http://www.daniweb.com/forums/thread227476.html News Story Injuncted via Twitter http://www.daniweb.com/news/story227242.html Fri, 02 Oct 2009 13:52:45 GMT A judge has said a lawsuit can be delivered via Twitter. It's an interesting case, an odd idea and a pity there are going to be so many logistical obstacles.

The scenario is simple. Someone is posing as a (real) right-wing blogger - they've effectively 'borrowed' his name for a Twitter account and are putting notes up that the actual blogger finds objectionable. In British law, and I have no doubt other territories will have their equivalents, there is a thing called 'passing off', which means I can't pass myself off as someone else, they can't pass themselves off as me, and soforth. So the blogger doesn't need a trademark, he's protected.

Thing is, the Tweeter hasn't identified himself. So the judge has said the lawsuit can be delivered via Twitter - a link will take the Tweeter through to the text of the injunction.

Yeah...and then what? There are a great many things that can happen and only one of those involves the perpetrator actually being caught. The most likely is that he or she will ignore the lawsuit. If he or she can't be found then there's nothing to gain from coming forward. The second is that they shut the account down and start again under another name, and continue this sort of Twitter-tag for a while. The third is that he or she gets caught but denies having seen the Tweet with the lawsuit link (maybe you can prove someone opened a Tweet but I can assure you I have Tweetdeck running on my computer all the time so about 1500 people could 'prove' I'd opened their Tweets without any certainty that I'd read them unless I'd replied).

In fact the more I look at this, the less enforceable it appears and the more objections to Twitter as a means of delivery start to look. I'd be delighted if someone could prove me wrong but I just don't see how this can fly.

Details of the case are in a report here. ]]> Network Security GuyClapperton http://www.daniweb.com/forums/thread227242.html Suggestions for Networking project http://www.daniweb.com/forums/thread227058.html Thu, 01 Oct 2009 17:07:41 GMT Hi All I am a final MSc. in Internetworking student from Canada. I need some ideas for my Capstone project. I am currently renewing my CCNA certification and i am interested in ideas involving routing protocols like OSPF and BGP as i have done my previous projects on these protocols. I would... Hi All

I am a final MSc. in Internetworking student from Canada. I need some ideas for my Capstone project. I am currently renewing my CCNA certification and i am interested in ideas involving routing protocols like OSPF and BGP as i have done my previous projects on these protocols.
I would also welcome ideas on doing project on VOIP.

Thanks in advance.
Good to join you all! ]]> Network Security maxx_me http://www.daniweb.com/forums/thread227058.html firewall construction http://www.daniweb.com/forums/thread225624.html Fri, 25 Sep 2009 06:49:25 GMT I'm a student of engineering and decided to construct firewall for my major project.Can you provide some ideas about how I should proceed for my topic.I've decide to construct a packet-filtering firewall. ]]> Network Security coolbuddy059 http://www.daniweb.com/forums/thread225624.html <![CDATA[News Story We''re #1! In Spam!]]> http://www.daniweb.com/news/story225576.html Fri, 25 Sep 2009 03:29:08 GMT Idaho, where I live, likes to brag when it makes lists such as "best places to live," "best places to start a business," etc.

Now we've made another list: we're the most spammed.

According to MessageLabs, which was acquired by Symantec in November, the ten states with the highest percentage of spam are:
1 Idaho 93.8%
2 Kentucky 93.0%
3 New Jersey 92.8%
4 Alabama 91.9%
5 Illinois 91.6%
6 Indiana 91.0%
7 Massachusetts 90.9%
8 Pennsylvania 90.5%
9 Arizona 90.4%
10 (tie) Maryland, 90.3%
North Carolina and
New Mexico

The ten states (and territory) with the lowest percentage of spam are:
1 Puerto Rico
2 Montana
3 Alaska
4 Kansas
5 South Dakota
6 Tennessee
7 Vermont
8 (tie) West Virginia and Rhode Island
9 Wisconsin
10 (tie) Iowa and Florida

MessageLabs did not reveal figures for these areas except for Puerto Rico, at 83.1%.

Why Idaho? MessageLabs wasn't sure. It didn't indicate that Idahoans were particularly gullible about Nigerian princes nor particularly ignorant about anti-spam software (which, no doubt, MessageLabs and Symantec would be happy to sell them).

However, it did have some correlations to point out. "The areas that are subjected to the highest levels of spam are generally those locations that are populated with a higher density of small-to-medium sized businesses."

On the other hand, MessageLabs goes on to add, "Similarly, the least spammed places are often home to some of the largest companies."

Puerto Rico? Montana? Really?

MessageLabs also notes that the most-spammed industries are Marketing, Wholesale, Recreation, Engineering and Real Estate (how can they tell?), while the least spammed are Chemical and Pharmaceutical, followed by Agriculture, Public Sector, Transportation and Healthcare -- which is particularly odd because these least-spammed industries provide a large share of Idaho's employment.

Last year, Idaho was the 44th most-spammed state. In fact, the top three most-spammed states were among the ten least spammed states in 2008.

On the other hand, for all states, the difference between the most- and least-spammed states decreased from 15.1% in 2008 to 10.7% in 2009 -- making reports like this less and less relevant. ]]> Network Security slfisher http://www.daniweb.com/forums/thread225576.html News Story Accused Network Administrator Still In Jail http://www.daniweb.com/news/story224982.html Wed, 23 Sep 2009 02:55:17 GMT Remember Terry Childs? He was the network administrator for the city of San Francisco who -- claiming he was protecting the city government's computer system from incompetent coworkers -- changed the system's passwords and then for more than a week refused to give them to anyone, even after being arrested.

Childs eventually did give the passwords to San Francisco Mayor Gavin Newsom, and was charged with four felony counts, basically of variations on hacking.

Well, it's more than a year later, and Childs is still in jail, without yet having been convicted of anything.

In August, San Francisco Superior Court judge Kevin McCarthy dropped three of the four charges, related to his attaching three modems to the network. The charge associated with his refusing to reveal the passwords stayed.

However, later in the month, Judge Charles Haines refused to lower Childs' $5 million bail, calling him a flight risk (when arrested, he'd been found with a large amount of cash) and a security risk to the San Francisco network.

In comparison, the San Francisco Felony Bail Schedule, which provides bail guidelines for a variety of offenses, lists a $1 million bail for the most serious crimes, such as sexual assault of a child, aggravated arson, or kidnapping for ransom, according to the IDG News Service.

Meanwhile, in January, Childs filed a $3 million lawsuit against the city, including $1 million in compensation for lost wages and benefits, $1 million for emotional stress, $500,000 in attorney fees, and $500,000 in unspecified "special damages."

If convicted, Childs faces up to five years in prison -- assuming, of course, they manage to go to trial and convict him by then. ]]> Network Security slfisher http://www.daniweb.com/forums/thread224982.html <![CDATA[News Story Does the Internet Know You're Gay?]]> http://www.daniweb.com/news/story224479.html Mon, 21 Sep 2009 01:38:20 GMT Two students from the Massachusetts Institute of Technology have learned that it is possible to predict which men in social networks are gay, even if they aren't out, based on who their friends are.

It's the theory behind traffic analysis, or the process of intercepting and examining messages to deduce information from patterns in communication, even without the content of the messages.

According to an article in the Boston Globe, the project, code-named Gaydar, analyzed the Facebook friend links of 1,544 men who said they were straight, 21 who said they were bisexual, and 33 who said they were gay. "Gay men had proportionally more gay friends than straight men, giving the computer program a way to infer a person’s sexuality based on their friends," the article said.

The students then asked the program to determine the orientation of men who did not declare it on Facebook, and ten men -- whom the students knew to be gay -- were also predicted to be gay by the program. (The program was not so successful at picking out gay women, or bisexual men and women.)

It's not that people need to be worried about being outed by a couple of MIT students. But a number of organizations, including the American Civil Liberties Union, have warned users how much personal information they are revealing in social networking sites without realizing it. What MIT students can do, other people -- including potential bosses -- could also figure out how to do, potentially leading to the notion that users might hesitate at publicly friending others based on what inferences -- correct or not -- might be drawn. ]]> Network Security slfisher http://www.daniweb.com/forums/thread224479.html network security http://www.daniweb.com/forums/thread224263.html Sat, 19 Sep 2009 15:47:58 GMT i want to know the basics to do the project in the area network security i want to know the basics to do the project in the area network security ]]> Network Security cvaag http://www.daniweb.com/forums/thread224263.html Cannot access internet WITHOUT proxy/ulrasurf http://www.daniweb.com/forums/thread224260.html Sat, 19 Sep 2009 15:22:47 GMT Hi folks,
Generally, i access my internet without using any proxy servers ie my firefox/IE always has this option unchecked. Then i ran ultra surf this one time (on vista x64) and it worked fine but then once i closed ultra surf i couldn't connect in either browser, inspite of having my original browser settings, wherein no proxy server option was selected.
So currently, i can connect only by using ultra surf and not without it, which's consequently affecting my speed esp for torrents.
I'm certain its not an issue with the settings in my browser, because my torrent client is behaving similarly ( works only when ultrasurf's on ) so if u can point out to something else, i could try that out.
Also, can't be a router issue as it works fine on my other OS.
I generally dont have good luck with forums but hoping u guys can help me out, till then ultrasurf it is. ]]> Network Security rastafarian http://www.daniweb.com/forums/thread224260.html News Story FTP Security FAIL http://www.daniweb.com/news/story223468.html Wed, 16 Sep 2009 10:08:23 GMT One third of businesses totally fail to encrypt their sensitive data transfers. That's the conclusion of a new survey into file transfer security which noted the huge disparities in attitudes towards data security in general and data security during transfer. According to the 2009 File Transfer Security Survey undertaken by managed file transfer solutions developer Ipswitch, while some 82% of organisations engage in the exchange of sensitive data only 64% actually encrypt that data either when it is at rest or being transferred.

Within the engineering and heavy industry sectors only 54% of respondents reported encrypting sensitive data as part of their secure data transfer strategy, whereas when it came to health, education and government services the numbers improved to 69%. Perhaps unsurprisingly, the IT sector did better with 70% of respondents encrypting data, but not as good as professional services on 74% or the big daddy of secure data transfer which was financial services on 77.5% - although this is largely down to the presence of explicit and demanding regulations to ensure financial data is safe.

Based upon responses from more than 300 businesses ranging from media organisations, law and accountancy firms through to national and local government, schools, hospitals banks, consultants and retailers, other key findings of the report included:

22% of businesses in financial services do not encrypt data transfers
16% are still not confident that their arrangement for transferring large files is secure
Over a third of respondents cite secure file transfer as a ‘high priority’, 24% see it as a ‘low priority’, and a third regard price as the most important criterion when implementing it

Despite increasingly stringent regulation, including new rules for data protection and handling of financial data, only 6% recognise that this has presented short term implementation deadlines, whilst 49% either believe no improvements to secure transfer infrastructure are needed, or have placed improvements on hold

Referring to a record £3.3 million fine handed down by the FSA, this month, to a major financial institution, for the loss of unencrypted data, Ipswitch Vice President, Jonathan Lampe, says "we know that even big banks still fail to encrypt all transfers of sensitive financial data, we commissioned this report to examine failings in the transfer of sensitive data across all business sectors, and we are still seeing a persistent minority failing to deal with sensitive data in a secure or compliant manner." ]]> Network Security happygeek http://www.daniweb.com/forums/thread223468.html News Story Security spending to outpace other IT spending in 2010 http://www.daniweb.com/news/story221460.html Tue, 08 Sep 2009 13:13:19 GMT It's good news for those in the security business, according to Gartner at least. It is predicting that security software and services spending will outpace other IT spending areas in 2010. The Gartner report suggests that security software budgets will grow by approximately 4% in 2010, while security services budgets will grow almost 3%.

Earlier this year Gartner surveyed more than 1,000 IT professionals with budget responsibility worldwide to determine their budget-planning expectations for 2010 and the results form the basis of this new report.

"In the current highly uncertain economic environment, with overall IT budgets shrinking, even the modest spending increases indicated by the survey shows that security spending accounts for a higher percentage of the IT budget," said Adam Hils, principal research analyst at Gartner. "Security decision makers should work to allocate limited budgets based on enterprise-specific security needs and risk assessments."

Specific areas of projected security-related software spending growth in 2010 includes security information and event management (SIEM), e-mail security, URL filtering, and user provisioning. The continued, comparatively strong emphasis on security extends beyond software. The survey showed that security services spending will also outpace spending in other services areas, with budgets expected to grow 2.74 per cent in 2010. This anticipated increase is being driven in part by a growing movement towards managed security services, cloud-based e-mail/web security solutions, and third-party compliance-related consulting and vulnerability audits and scans.

"When evaluating and planning 2010 security budgets, organisations should work to achieve a realistic view of current spending and recognise that it may be impossible to capture all security-related spending because of organisationally diffused security budgets," said Ruggero Contu, principal research analyst at Gartner. "Businesses should also recognise that new threats or vulnerabilities may require security spending that exceeds the amounts allocated, and should consider setting aside up to 15 per cent of the IT security budget to address the potential risks and impact of such unforeseen issues." ]]> Network Security happygeek http://www.daniweb.com/forums/thread221460.html Block a host http://www.daniweb.com/forums/thread216186.html Fri, 04 Sep 2009 09:40:57 GMT Hi,
I need some informations about how a country like ...Italy, UK,.. can block the access to a site of its country(under .it domain) to a the foreign host.
for example: The state "Italy" have a internet game that is legal for the people that lives in Italy, but it doesn't want that foreign people the lives in others country can access to this game.

How it can do this? (I need specific technique not political consideration). I have thinked about the dual thing, the case in which a country wants to block the access to a foreign site for its citizens...The state can impose, obligue the ISP to not respond to the Dns query to the specip game site...

Can you help me? Have you got a link that can help me?

Thanks. ]]> Network Security bosola http://www.daniweb.com/forums/thread216186.html VPN monitoring http://www.daniweb.com/forums/thread215590.html Wed, 02 Sep 2009 00:30:25 GMT Hi all -

This is going to seem like an odd post since it's not too technical in nature, but I'm hoping you can help set my mind at ease or confirm my high level of anxiety.

I was on my home computer using Yahoo Messenger and chatting with a work friend. Said work friend was logged into his VPN but didn't realize it. He was not remoted into his work machine or anything and was on his home computer, but was definitely logged into VPN. Well, a large portion of that conversation is something that we are hoping was not read/caught/monitored by our company.

How likely is it that they monitor something like that? And how easy would it be to "see" the conversation? Would they be able to tell who I am since I was not logged in but was on my own home network (and behind a firewall)?

Please - no flaming. I am well aware that I could lose my job if any of this was monitored and am really freaking out over it all. I'm hoping you can justify my anxiety or help ease it.

Thanks in advance and I apologize for posting something so trivial in your forum. I didn't know where else to turn for answers! ]]> Network Security imtrble http://www.daniweb.com/forums/thread215590.html knockin on the IT security door.... http://www.daniweb.com/forums/thread215531.html Tue, 01 Sep 2009 17:55:21 GMT Hello, I am interested in starting a career in network security. I have a bachelors in an unrelated field and have no experience working in this industry. Question is, how do I determine the best place to start? In other words, what certification is good for entry level... A+, Network+ or CCNA?... Hello,
I am interested in starting a career in network security. I have a bachelors in an unrelated field and have no experience working in this industry. Question is, how do I determine the best place to start? In other words, what certification is good for entry level... A+, Network+ or CCNA? Also, is anyone familiar with the IT industry in Houston, Texas? ]]> Network Security maddipaige http://www.daniweb.com/forums/thread215531.html News Story Skype wiretap Trojan revealed http://www.daniweb.com/news/story220782.html Sun, 30 Aug 2009 22:45:55 GMT Symantec has detected a new Trojan which targets Skype users in order to monitor and record conversations made using the Internet telephony service. Apparently the source code for this particular Trojan, called Pesky Spy, is already being touted around the usual places where the bad guys can pick... Symantec has detected a new Trojan which targets Skype users in order to monitor and record conversations made using the Internet telephony service. Apparently the source code for this particular Trojan, called Pesky Spy, is already being touted around the usual places where the bad guys can pick up such things.

It would appear to work by using the Windows API hooks that are intended for audio applications, such as Skype. The audio processes are monitored, calls recorded as relatively small MP3 files, and transferred quickly to anywhere on the Internet before the victim even knows their calls are being tapped. In fact, before the conversation even hits Skype.

Symantec explains that "Because the Trojan listens in the data traveling between the Skype process and the audio device, it gathers the audio independently of any application-specific protocols or encryption applied by Skype when it passes voice data at the network level. Essentially, it sits below these security measures, recording the audio at the Windows level—before outbound audio from the microphone gets to Skype and after incoming audio leaves Skype and reaches the speakers."

Skype is said to be aware of the Trojan, and is advising that users ensure their anti-virus and firewalls are up to date and operating properly. ]]> Network Security newsguy http://www.daniweb.com/forums/thread220782.html News Story Eek! President Obama is Going to Seize the Internet! http://www.daniweb.com/news/story220776.html Sat, 29 Aug 2009 03:16:35 GMT What, you hadn't heard?

"A Senate bill would offer President Obama emergency control of the Internet and may give him a "kill switch" to shut down online traffic by seizing private networks -- a move cybersecurity experts worry will choke off industry and civil liberties," FOX News said breathlessly. (Nice use of action verbs, though.)

"Obama-mania control of America continues,[sic] first the Census was pulled to the White House, now a bill that would give Obama and his unscrupulous cronies’[sic] control of the internet[sic] is making its way through the Senate," said examiner.com.

Eek.

(Now that Fox News has hold of the story, expect a lot more of this. Funny how protective the right wing is of the Internet all of a sudden.)

The bill, S773, the "Cybersecurity Act of 2009," was introduced in April. It is intended to help protect national security in the event of war, natural disaster, or an act of cyberterrorism by giving the government the ability to control the Internet. The first take of the bill came under a fair amount of criticism at the time, through organizations such as the Electronic Frontier Foundation.

"One proposed provision gives the President unfettered authority to shut down Internet traffic in an emergency and disconnect critical infrastructure systems on national security grounds goes too far," the EFF said in April. "Certainly there are times when a network owner must block harmful traffic, but the bill gives no guidance on when or how the President could responsibly pull the kill switch on privately-owned and operated networks."

So why are people having conniption fits over a bill that was submitted in April and has had no action since then?

In response to the criticisms, bill sponsors Senator Jay Rockefeller (D-West Virginia) and Senator Olympia Snowe (R-Maine) have been working on the bill. CNET's Declan McCullagh has reportedly obtained a copy of it, and posted an article on Friday detailing what was different about the bill, which in some ways he finds worse in terms of specificity and limits.

Okay. Let us stipulate that the bill as written is untenable -- not specific enough, could be used badly by a bad President, opens up too many loopholes, etc.

That stipulated, let's stop running around like chickens with our heads cut off about it, for the following reasons:

1. The bill isn't done. The version McCullagh cites hasn't been submitted, as far as I can tell. This is the way the process of developing laws is supposed to work. There are a jillion people watching the progress of this bill. They're not going to sneak it by us. Let's let them finish writing the thing before we jump on it.

2. Like it or not, something like this is probably necessary. Anyone else old enough to remember the Morris Worm in 1988? People were panicked. (In one memorable case, the IT director ordered staff to *take an ax* to the cable connecting the company to the Internet.) And that was a bored college student. If someone breaks into the power grid via the Internet and starts shutting things off, say, do we really want no recourse? More pragmatically, do we really think the lack of a law would keep the government from doing whatever it could in such a situation?

3. Lest we forget (or lest we be too damn young to remember), the government started the Internet in the first place, and then insisted that it pay its own way and become commercial -- which a number of people thought would mean its death. (If anyone can find an online copy of "Whither NREN?" from Byte, July 1991, it lays out the issues pretty well, if I do say so myself -- though it has this sidebar by some obscure Senator from Tennessee for some reason.) Anyway, the Internet survived that just fine. Remember, the Internet was designed to survive a nuclear attack. FOX News aside, there's not going to be a big red button that says "Internet" that someone can push to shut it down.

By all means, let's follow this bill and examine it critically. But let's keep it in perspective. ]]> Network Security slfisher http://www.daniweb.com/forums/thread220776.html News Story Government gets tough on pirates after Mandy dines with Geffen http://www.daniweb.com/news/story220769.html Thu, 27 Aug 2009 00:44:10 GMT I'm not a great fan of the phrase 'total coincidence' and nor am I a fan of The Rt Hon Lord Mandelson, First Secretary of State, Secretary of State for Business, Innovation & Skills and Lord President of the Council to be formal.

While I'm on the small matter of things I don't like, I'm not exactly standing cheering on the sidelines when a recording or movie industry executive bemoans modern technology for stripping them of some of their profit from the sale of music or film.

So you can probably guess I was none too pleased to learn that the UK Government has done something of a 180 degree about turn of thinking when it comes to dealing with entertainment industry piracy on the Internet. The proposed draconian new powers include forcing Internet Service Providers to suspend or block the accounts of persistent downloaders. Oddly enough, this exact same suggestion was rejected just a couple of months ago in the much awaited Digital Britain report, which was published by none other than the UK Government itself.

Of course, the turnaround could have nothing to do with Peter Mandelson having dinner with David Geffen, a well known Hollywood media mogul, at a villa in Corfu belong to Nat Rothschild could it? Absolutely not, according to a Government spokesperson who said "I believe they had dinner, but they absolutely didn't discuss any peer-to-peer file-sharing."

Believe what you will, but understand this: many Internet Service Providers are not happy. One major ISP, TalkTalk, has gone on record to state "Introducing measures such as disconnection at the instigation of the Secretary of State will sidestep proper scrutiny, likely breach fundamental human rights and result in innocent people being disconnected or, worse, prosecuted" adding "What’s more, they will not work" and concluding that the plans would be strongly resisted. Even the Internet Services Providers' Association has said that it was disappointed by the announcement regarding disconnection which it considered to be "a disproportionate response."

Here's what the Government has to say about ISP account suspension:

Quote:

"The original proposal lists six technical measures that Ofcom might require ISPs to impose on repeat infringers. Since the issue of the consultation some stakeholders have argued strongly that none of those technical measures is powerful enough to have a significant deterrent effect on infringing behaviour. Also we cannot know how P2P technology might develop in the short to medium term, and we want to ensure that Ofcom has a full tool-kit from which to select the most appropriate measure should technical measures be deemed necessary. Taking those points into account, although we continue to regard the uptake and use of Internet services as essential to a digital Britain, we are considering the case for adding suspension of accounts into the list of measures that could be imposed. This does not necessarily mean that suspension would be used - this step would obviously be a very serious sanction as it would affect all members of a household equally, and might disrupt access to other communications, so it should be regarded as very much a last resort. Accordingly a thorough examination of the proportionality and effectiveness of the measure (as with any of the other measures) would have to be undertaken before ISPs would be required to implement it, even if the decision to move to technical measures is taken. As ever we would need to ensure any such measure fully complied with both UK and EU legislation."

]]> Network Security happygeek http://www.daniweb.com/forums/thread220769.html Port remapping http://www.daniweb.com/forums/thread213964.html Wed, 26 Aug 2009 00:46:54 GMT is it a good idea to remap a port? any ideas.. thanks :) is it a good idea to remap a port? any ideas.. thanks :) ]]> Network Security cguan_77 http://www.daniweb.com/forums/thread213964.html server 2003 different pc different folder access permissions http://www.daniweb.com/forums/thread213428.html Sun, 23 Aug 2009 17:48:28 GMT it is a strange when a user logsinto her regular pc and she cannot 3 out of 10 folders for which she should have full right. Logging into an adjacent pc, she can access all 10. The difference is the MAC address on the first pc has a reserve IP in the 10 subnet and the 2nd is on our 172.xx.x.xx... it is a strange when a user logsinto her regular pc and she cannot 3 out of 10 folders for which she should have full right. Logging into an adjacent pc, she can access all 10. The difference is the MAC address on the first pc has a reserve IP in the 10 subnet and the 2nd is on our 172.xx.x.xx subnet with no reservation. Both DHCP and in same office.(two subnets) ]]> Network Security new2servers http://www.daniweb.com/forums/thread213428.html block icmp request http://www.daniweb.com/forums/thread213356.html Sun, 23 Aug 2009 07:28:26 GMT hi guys, please help to give some insight on how to block ICMP or ping request in a web server? thanks.. hi guys, please help to give some insight on how to block ICMP or ping request in a web server? thanks.. ]]> Network Security cguan_77 http://www.daniweb.com/forums/thread213356.html WEbsense hack http://www.daniweb.com/forums/thread211819.html Sun, 16 Aug 2009 08:44:22 GMT somebody help me with this ......
i can't access social networkink sites at my institute due to this .....
no proxy is working ]]> Network Security azhar123 http://www.daniweb.com/forums/thread211819.html News Story The high price of fake software http://www.daniweb.com/news/story220743.html Fri, 14 Aug 2009 13:27:04 GMT As someone who works within the IT Security space, I have to say that rogueware (also known as scareware (http://www.itwire.com/content/view/20938/53/)) is starting to seriously hack me off. Not that I have ever been conned into purchasing it, I hasten to add, but rather because so many others have... As someone who works within the IT Security space, I have to say that rogueware (also known as scareware) is starting to seriously hack me off. Not that I have ever been conned into purchasing it, I hasten to add, but rather because so many others have and so many people are making rather a lot of money as a result.

Rogueware, which can be loosely defined as any 'fake software solution' which separates unsuspecting users from their cash in order to fix non-existent problems, is increasing by a factor of ten in less than a year according to the chaps at PandaLabs. They have been watching the rogueware phenomenon very closely indeed, and have now published a multi-year study into the proliferation of rogueware into the overall cybercrime economy. The research report, The Business of Rogueware, reveals that:

Cybercriminals are earning approximately $34 million per month through rogueware attacks
Approximately 35 million computers are newly infected with rogueware each month
Rogueware is now being distributed through Facebook, MySpace, Twitter, Digg and targeted blackhat SEO attacks
And finally, a confirmation of something that many of us suspected anyway: the majority of these cybercriminals are operating from Eastern Europe

"Rogueware is so popular among cybercriminals primarily because they do not need to steal users’ personal information like passwords or account numbers in order to profit from their victims" said Luis Corrons, PandaLabs Technical Director. "By taking advantage of the fear in malware attacks, they prey upon willing buyers of their fake anti-virus software, and are finding more and more ways to get to their victims, especially as popular social networking sites and tools like Facebook and Twitter have become mainstream."

There are now approximately 200 different rogueware families, and in the first quarter of 2009 alone more new strains were created than in all of 2008. The second quarter painted an even bleaker picture, with the emergence of four times as many samples as in all of 2008. In Q309, PandaLabs estimates a rogueware total greater than the previous eighteen months combined. ]]> Network Security happygeek http://www.daniweb.com/forums/thread220743.html How To Prevent Broadband USB Modem http://www.daniweb.com/forums/thread211462.html Fri, 14 Aug 2009 09:34:05 GMT First I want to say thanks for a lot of information, which this forums provide it to us. I have issue in my network, actually I am network security administrator in my network and I am using PIX and IPS in my side. I am filtering all Internet request from my Firewall but I faced last days some end... First I want to say thanks for a lot of information, which this forums provide it to us. I have issue in my network, actually I am network security administrator in my network and I am using PIX and IPS in my side. I am filtering all Internet request from my Firewall but I faced last days some end user installed and used Internet from broadband USB modem. I know there is week from our technical support they did nit disable local administrator account or maybe they already installed the broadband USB modem for the end user. My question now how can I know if there is Internet connection active in my network from other source like broadband USB modem or dialup connection.
Thanks for your time to read my issue.
Regards

DohaDesigner ]]> Network Security dohadesigner http://www.daniweb.com/forums/thread211462.html How I can get Best Network Security Software? http://www.daniweb.com/forums/thread210909.html Wed, 12 Aug 2009 07:39:48 GMT HI can anyone tell me How I can get Best Network Security Software. Thanks. HI

can anyone tell me How I can get Best Network Security Software.

Thanks. ]]> Network Security syedabdulsamad http://www.daniweb.com/forums/thread210909.html intrusion detection in wireless agent http://www.daniweb.com/forums/thread210858.html Wed, 12 Aug 2009 03:08:45 GMT my research work is running on the topics of intrusion detection. i need some research papers that worked on this advanced technology and the right things to choose for which sector is prefect to work on in network security my research work is running on the topics of intrusion detection. i need some research papers that worked on this advanced technology and the right things to choose for which sector is prefect to work on in network security ]]> Network Security Sarnali http://www.daniweb.com/forums/thread210858.html Netgear Wireless Router Password vs Key http://www.daniweb.com/forums/thread210565.html Tue, 11 Aug 2009 01:53:07 GMT I have a Netgear MR814v2 wireless router. I have set up the wireless network with WEP 128 bit security. On the setup wizard I put in a password that comes up with a key automatically that is faded and unable to change. I am trying to hook up a dell inspirion laptop that using Intel/Proset. When... I have a Netgear MR814v2 wireless router. I have set up the wireless network with WEP 128 bit security. On the setup wizard I put in a password that comes up with a key automatically that is faded and unable to change. I am trying to hook up a dell inspirion laptop that using Intel/Proset. When I am asked to put in a password it has different requirements of 0-9 and a-f. My password put into the netgear wizard doesn't meet the Intel/Proset requirements. How do I hook my laptop to the netgear router using this security, with a password vs a security key? ]]> Network Security Hyperstray http://www.daniweb.com/forums/thread210565.html Some processes are eating away my bandwidth http://www.daniweb.com/forums/thread210525.html Mon, 10 Aug 2009 20:59:44 GMT Hello,

I hv been using an ISP which gives me limited bandwidth per month ..

When I start my internet connection, in about 5-10 min, data usage becomes 20-30 MB(Download+Upload both) even if only gmail.com is open ..

So I'm worried that something somewhere is eating away my bandwidth and I'm predicting a higher bill this month ..

I hv several svchost.exe processes running in my task bar .. Is it the cause or something else??

Please help me with this problem .. ]]> Network Security soham100 http://www.daniweb.com/forums/thread210525.html Remote Desktop puzzle that is beyond me... http://www.daniweb.com/forums/thread210477.html Mon, 10 Aug 2009 17:06:45 GMT Hi,

I have 2 computers that both run Vista and I have used the laptop in the past to access the desktop via RDC. This past weekend, from one outside location, I tried to connect as in the past but couldn't. The message from Vista said it couldn't connect. I checked all my firewall settings (including turning off the firewall within Trend Micro, and using Windows Firewall that is set to allow RDC).

Here's the wierd part. I can connect sucessfully from one wireless network (not mine, a neighbors) every time, but when I try to connect from another wireless network (a different neighbor) I cannot connect. I can repeat this every time.

Nothing has changed on my laptop or my desktop. I connect sucessfully from one external wireless but not from the other. How can this be?

Please tell me what I'm missing...

Thanks for any input,
bob ]]> Network Security grindy http://www.daniweb.com/forums/thread210477.html